Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2022-40971 | Incorrect Default Permissions vulnerability in Intel NUC Hdmi Firmware Update Tool 1.78.2.0.7 Incorrect default permissions for the Intel(R) HDMI Firmware Update Tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-10 | CVE-2022-41687 | Incorrect Default Permissions vulnerability in Intel NUC P14E Laptop Element 1.0.0.156 Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-10 | CVE-2023-22440 | Incorrect Default Permissions vulnerability in Intel Setup and Configuration Software Incorrect default permissions in the Intel(R) SCS Add-on software installer for Microsoft SCCM all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-10 | CVE-2023-27382 | Incorrect Default Permissions vulnerability in Intel NUC P14E Laptop Element Incorrect default permissions in the Audio Service for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.0.0.156 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-08 | CVE-2023-28192 | Incorrect Default Permissions vulnerability in Apple Macos A permissions issue was addressed with improved validation. | 5.5 |
| 2023-05-04 | CVE-2023-23059 | Incorrect Default Permissions vulnerability in Geovision Gv-Edge Recording Manager 2.2.3.0 An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which contains improper permissions within the default installation and allows attackers to execute arbitrary code and gain escalated privileges. | 9.8 |
| 2023-05-03 | CVE-2023-28724 | Incorrect Default Permissions vulnerability in F5 products NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 7.1 |
| 2023-05-02 | CVE-2022-30759 | Incorrect Default Permissions vulnerability in Nokia One-Nds 20.9 In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands. | 8.8 |
| 2023-05-01 | CVE-2023-27035 | Incorrect Default Permissions vulnerability in Obsidian 1.1.9 An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page. | 7.5 |
| 2023-05-01 | CVE-2022-4568 | Incorrect Default Permissions vulnerability in Lenovo System Update A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges. | 7.8 |